Row-level Audit trails are now explicitly maintained for access to database-stored data

Form Database Access using the LuxSci API

LuxSci’s API enables SecureForm customers to manage form posts stored to hosted MySQL databases. In particular, this makes audited access to stored (and encrypted) data simple, does not require any SQL knowledge, and permits you to determine if access is read only or read and delete.

The API commands available include:

Listing information about all or specific SecureForm configurations in your account

Retrieving metadata about the form posts saved. E.g. # of posts, first and last row index, first and last date/time posted, etc. This metadata query makes synchronization a snap.

Retrieve the complete contents of one or many rows (up to 500 at a time).

Works seamlessly, even if the row-data is encrypted at rest in your database.

Form Database Auditing

LuxSci has had internal auditing of access to SecureForm database data that is accessed through our web-based form-database reporting tool. However, this access auditing was coarse and not visible to account administrators. Now, SecureForm audits every view/download/delete of every row in your SecureForm database storage area, when those operations are performed via the API or via the web based form-database reporting tool. This audit trail is now visible to account administrators (under the SecureForm reports area) and is accessible via direct SQL commands.

Administrators can also choose to permit deletion of database rows via the web-based form-database reporting tool.

Row-level form database auditing is great for anyone with compliance needs (e.g. HIPAA) … who must record access to sensitive data and keep records of that access going forward. The audit trail includes not only what row was viewed or deleted, but it also includes the date/time, IP address, and person or entity that performed the action.